external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-20 02:52:11 +00:00
Code Issues Releases Wiki Activity

Don't check mfa for /munin/* admin routes

Browse Source
This commit is contained in:
Felix Spöttel 2020-11-16 12:27:29 +01:00
parent 7fd35bbd11
commit 53e46fb1a2
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
management/mfa.py
View File

@ -110,6 +110,14 @@ def validate_auth_mfa(email, request, env):
if len(mfa_state) == 0: if len(mfa_state) == 0:
return (True, []) return (True, [])
# munin routes are proxied by our control panel. We do not have
# full control over their routes so credentials are supplied via
# a basic HTTP authentication prompt.
# There is neither a way to input a mfa credential there nor can we pass
# the user_api_key from localStorage so mfa should be disabled for these routes.
if request.full_path.startswith("/munin"):
return (True, [])
# Try the enabled MFA modes. # Try the enabled MFA modes.
hints = set() hints = set()
for mfa_mode in mfa_state: for mfa_mode in mfa_state: